Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
DETAILED ACTION
This action is in response to an application filed October 28, 2024. Claims 1-20 are pending in this application.
Double Patenting
The nonstatutory obviousness double patenting rejection is based on a judicially created doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the unjustified or improper timewise extension of the “right to exclude” granted by a patent and to prevent possible harassment by multiple assignees. A nonstatutory double patenting rejection is appropriate where the claims at issue are not identical, but at least one examined application claim is not patentably distinct from the reference claim(s) because the examined application claim is either anticipated by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 USPQ 644 (CCPA 1969).
A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) may be used to overcome an actual or provisional rejection based on a nonstatutory double patenting ground provided the reference application or patent either is shown to be commonly owned with this application, or claims an invention made as a result of activities undertaken within the scope of a joint research agreement. A terminal disclaimer must be signed in compliance with 37 CFR 1.321(b).
The USPTO internet Web site contains terminal disclaimer forms which may be used. Please visit http://www.uspto.gov/forms/. The filing date of the application will determine what form should be used. A web-based eTerminal Disclaimer may be filled out completely online using web-screens. An eTerminal Disclaimer that meets all requirements is auto-processed and approved immediately upon submission. For more information about eTerminal Disclaimers, refer to http://www.uspto.gov/patents/process/file/efs/guidance/eTD-info-I.jsp.
Claims 1-20 are rejected on the ground of nonstatutory obviousness double patenting as being unpatentable over claims 1-18 of patent no. US 12,164,624 B1. Although the claims at issue are not identical, they are not patentably distinct from each other because the claims are directed to the same subject matter of returning a set of security patterns as the collection of security patterns to apply to the application. A side-by-side analysis of the first independent claim(s) of the instant application and the copending application(s) has been included below. The bolded portions are portions which are almost identical to one another. The non-bolded portions are related to subject matter which are obvious, and do not further define over the subject matter of one another. One distinctive feature of the patent document is comprising memory-safe functions or a requirement to interact with a structured query language (SQL) database using stored procedures. Claims 6, 13, and 20 of the instant invention discloses this limitation. Therefore, the subject matter of both claim sets are not distinct from one another and yields an obviousness-type double patenting rejection. This is NOT a provisional double patenting rejection since patent document (US 12,164,624 B1) has been issued while the instant application is pending.
Here is the following side-by-side analysis of the first independent claim in each application:
Instant Application ‘562
7. A system, comprising:
a computing device comprising a processor and a memory; and
machine-readable instructions stored in the memory that, when executed by the processor, cause the computing device to at least:
identify a plurality of features associates with an application;
submit the plurality of features to a random forest machine learning model;
receive a set of security patterns from the random forest machine learning model;
submit the plurality of features and the set of security patterns to a k-nearest neighbor (KNN) machine learning model;
receive a subset of the set of security patterns that are nearest neighbors of at least one feature of the plurality of features; and
return the subset of the set of security patterns as the collection of security patterns to apply to the application.
Patent No. ‘624
1. A system, comprising:
a computing device comprising a processor and a memory; and
machine-readable instructions stored in the memory that, when executed by the processor, cause the computing device to at least:
receive a request to identify a collection of security patterns to apply to an application, wherein individual security patterns represent a collection of controls and safeguards that can be integrated into the application to mitigate threats to the application and wherein at least one security pattern in the collection of security patterns comprises a software library comprising memory-safe functions or a requirement to interact with a structured query language (SQL) database using stored procedures;
identify a plurality of features associated with the application;
submit the plurality of features to a random forest machine learning model;
receive a first set of security patterns from the random forest machine learning model;
submit the plurality of features to a k-nearest neighbor (KNN) machine learning model;
receive a second set of security patterns from the KNN machine learning model;
identify a subset of the security patterns that is included in both the first set of security patterns and the second set of security patterns; and
return the subset of the security patterns as the collection of security patterns to apply to the application.
Claim Rejections - 35 USC § 103
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
Claim(s) 1-5, 7-12, and 14-19 is/are rejected under 35 U.S.C. 103 as being unpatentable over Levin et al. (US 2020/0336506 A1), in view of Shen et al. (US 2022/0103589 A1).
With respect to claim 1, Levin discloses a non-transitory, computer-readable medium, comprising machine-readable instructions that, when executed by a processor of a computing device, cause the computing device to at least:
identify a plurality of features associated with an application (Abstract and [0032], extract features from alerts associated with resources);
submit the plurality of features to a random forest machine learning model ([0010], [0032], and [0044], applying a model to extracted features to identify a pattern of triggered alerts associated with a resource or group of resources; the model applied may be a random forest model);
Levin does not explicitly teach instructions that:
receive a set of security patterns from the random forest machine learning model;
submit the plurality of features and the set of security patterns to a k-nearest neighbor (KNN) machine learning model;
receive a subset of the set of security patterns that are nearest neighbors of at least one feature of the plurality of features; and
return the subset of the set security patterns as the collection of security patterns to apply to the application;
However, Shen discloses instructions to:
receive a set of security patterns from the random forest machine learning model (Abstract and [0007], applying a first set of machine learning models to generate first security assessment score; wherein [0148] discloses an exemplary model as a random forest model);
submit the plurality of features and the set of security patterns to a k-nearest neighbor (KNN) machine learning model (Abstract and [0083], applying a second machine learning model to event data retrieved from a database; wherein a learning-based model may use a tree-based k-nearest neighbors algorithm);
receive a subset of the set of security patterns that are nearest neighbors of at least one feature of the plurality of features (Abstract, a second score is produced from applying the second machine learning model); and
return the subset of the set security patterns as the collection of security patterns to apply to the application ([0003], wherein the overall score prevents any security risks from taking place, such as allowing access to the resource);
Therefore, it would have been obvious to one of ordinary skill in the art, at the time the invention was filed, to combine the teachings of Levin with the teachings of Shen and identify a subset of security pattens to apply to an application, in order to perform a more accurate and optimized prediction of security assessment for risks associated with a resource.
With respect to claim 2, the combination of Levin and Shen discloses the non-transitory, computer-readable medium of claim 1, wherein Shen further discloses the random forest machine learning model comprises a plurality of random decision trees for each of the plurality of features ([0148]-[0149], identifying a number of independent trees to include in a random forest model), and the random forest machine learning model is further configured to cause the computing device to at least:
for each feature of the plurality of features, traverse each of the plurality of random decision trees associated with the feature to determine a resulting security pattern ([0149]-[0151]);
identify a most frequently selected resulting security pattern produced by traversal of each of the plurality of random decision trees associated with the feature ([0150], summing generated decision trees to generate a random forest model); and
include the most frequently selected resulting security pattern in the set of security patterns ([0150]).
With respect to claim 3, the combination of Levin and Shen discloses the non-transitory, computer-readable medium of claim 1, wherein Levin discloses the machine-readable instructions that cause the computing device to identify the plurality of features associated with the application, when executed by the processor, further cause the computing device to at least:
analyze a source code file associated with the application ([0032]); and
identify a feature in the plurality of features based at least in part on an analysis of the source code file ([0032], identifying features from alerts of a resource; wherein the resource may include servers, client devices, and/or other components that communicate with one another).
With respect to claim 4, the combination of Levin and Shen discloses the non-transitory, computer-readable medium of claim 1, wherein Levin discloses the machine-readable instructions that cause the computing device to identify the plurality of features associated with the application, when executed by the processor, further cause the computing device to at least:
analyze an application design document associated with the application ([0032]); and
identify a feature in the plurality of features based at least in part on an analysis of a source code ([0032], identifying features from alerts of a resource; wherein the resource may include servers, client devices, and/or other components that communicate with one another).
With respect to claim 5, the combination of Levin and Shen discloses the non-transitory, computer readable medium of claim 1, wherein Levin discloses the machine-readable instructions that cause the computing device to identify the plurality of features associated with the application, when executed by the processor, further cause the computing device to at least:
analyze a list of features included in the request ([0032]); and
identify a feature in the plurality of features based at least in part on an analysis of the list of features included in the request ([0032], identifying features from alerts of a resource; wherein the resource may include servers, client devices, and/or other components that communicate with one another).
With respect to claim(s) 7-12, and 14-19, the system and method of claim(s) 7-12 and 14-19 does/do not limit or further define over the system of claim(s) 1-5. The limitations of claim(s) 7-12 and 14-19 is/are essentially similar to the limitations of claim(s) 1-5. Therefore, claim(s) 7-12 and 14-19 is/are rejected for the same reasons as claim(s) 1-5. Please see rejection above.
Allowable Subject Matter
Claim(s) 6, 13, and 20 is/are objected to as being dependent upon a rejected base claim, but would be allowable if rewritten in independent form including all of the limitations of the base claim and any intervening claims.
The following is a statement of reasons for the indication of allowable subject matter: The Examiner has not found any reasonable prior art(s) nor combination of prior art(s) which teach the feature of ‘at least one security pattern in the collection of security patterns comprises a software library comprising memory-safe functions or a requirement to interact with a structured query language (SQL) database using stored procedures’.
Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to ESTHER B. HENDERSON whose telephone number is (571)270-3807. The examiner can normally be reached Monday-Friday 6a-2p ET.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Umar Cheema can be reached at 571-270-3037. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/ESTHER B. HENDERSON/Primary Examiner, Art Unit 2458 April 30, 2026
Prosecution Insights